General
-
Target
5818575916ee7e94a2f3410e1b4ce091449751df88d4a480caf39f6e638728fb
-
Size
327KB
-
Sample
220211-b5k6pshed5
-
MD5
c5e2a7f0234463c0f7df97a8c8d17a09
-
SHA1
cd663c635148243e310aed41cc81a0f4a9c103fa
-
SHA256
5818575916ee7e94a2f3410e1b4ce091449751df88d4a480caf39f6e638728fb
-
SHA512
8443fd05f71a6e8dfacf7245f3b0011cf8d009b1b5b03aa17ee7ccd184543468547b594de2bac1b7b286ebe86e4532aec995b0033976519c0984fbf36dff4b45
Static task
static1
Behavioral task
behavioral1
Sample
5818575916ee7e94a2f3410e1b4ce091449751df88d4a480caf39f6e638728fb.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
-
auth_value
44e87155dd7a4d1957a956ed040ff3fd
Targets
-
-
Target
5818575916ee7e94a2f3410e1b4ce091449751df88d4a480caf39f6e638728fb
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-